[02:49] <shadow98> just trying to find the best option here for failover...i have one server currently and a 2nd server that i am setting up now to do a failover...
[02:49] <shadow98> i was planning to rysnc the directories and replicate mysql
[02:50] <shadow98> is that the best option...
[02:50] <shadow98> this is for my website and sql server
[02:50] <shadow98> i was going to replicate /var/www
[02:50] <shadow98> sorry rsync
[03:05] <shadow98> hello
[03:24] <qman__> shadow98, that sounds like a good plan to me
[04:13] <shadow98> awesome
[05:29] <psi-jack> Okay, so if X has a problem finding the 'fixed' font, what package would I need to reinstall to fix it?
[05:33] <ScottK> One that's not related to Ubuntu Server
[05:41] <TimReichhart> hi guys i am having problems compiling a drivers for my 56k modem on my server and here what I am getting http://pastebin.com/pastebin.php?dl=m76fb116d
[05:42] <psi-jack> Do people actually still use modems? o.O
[05:43] <jmarsden> FAXes are still fairly common in the business world, so yes, they do use modems for FAX transmission and reception.
[05:44] <TimReichhart> that is correct jmarsden
[05:44] <jmarsden> The more pertinent question here is why one would build a FAX server and use an unsupported internal modem rather than one known to work with the appropriate FAX server software...
[05:45] <psi-jack> Okay.. So, I have a gigabit switch and gigabit NIC, but my switch is showing only 100mbit connection, not 1000mbit. Is there something I need to be doing to get it to go up to 1000?
[05:45] <ScottK> How far apart are they?
[05:45] <psi-jack> The computer and the switch?
[05:45] <TimReichhart> jmarsden: its on a research that I am doing on and please I wanted to know how to build a fax server on linux
[05:46] <psi-jack> ScottK: About... 2 inches.. Cable's a 6 inch.
[05:46] <jmarsden> TimReichhart: Step one is choose appropriate hardware :)  I'll take a look, but...
[05:46] <psi-jack> Err, well, not 6 inch, but like, 2 foot.
[05:46] <ScottK> OK. so much for that idea
[05:46] <psi-jack> And it's cat5e :)
[05:47] <TimReichhart> jmarsden: but what
[05:48] <jmarsden> TimReichhart: But you make life difficult when you choose to ignore that step!  I have built multiport FAX servers for clients... see http://www.hylafax.org/content/Hardware_Compatibility_List
[05:49] <TimReichhart> jmarsden: yes I do have a external modem but I dont have a null cable for it so that is why I am trying to get this intel/internal card to work and I know the modem is working bc I can hear a dial tone and I can call out but I just cant get it to send out any faxes.....
[05:50] <jmarsden> Are you sure the driver for it supports FAXing?  What Class is is supposed to handle?  2.0 ?
[05:51] <TimReichhart> from what I was told this driver is supported for faxing and I dont know what classs its handling on
[05:53] <jmarsden> So... ask it... use minicom or whatever terminal emulatir you are using for debugging and try the AT+FCLASS=2.0 command, etc... what have you tried exactly?
[05:54] <TimReichhart> I havent really tried anything except for trying to get this driver to work
[05:54] <jmarsden> Define "work"?  You got it to give you dial tone and dial out... how did you do that?  What did you use to make the outgoing calls?
[05:55] <TimReichhart> I dont remember how I got the modem to make a outgoing call
[05:55] <TimReichhart> modem to make it to work to make the outgoing call*
[05:56] <jmarsden> A research you are doing... but you made no notes as you did the research?  Lesson #1: Take good notes.
[05:56] <jmarsden> Looks like the thing you are trying to compile is a kernel module, is that correct?
[05:57] <TimReichhart> that is what I have been told to do
[05:57] <TimReichhart> but when I tried to search for the modem there isnt anything showing for the modem
[05:57] <jmarsden> Been told?  This is a research project, you should be the one deciding what to do.  Following what other people tell you do to is not research.  Do you have the kernel sources installed?
[05:58] <TimReichhart> how do I know if I got the kernal sources installed?
[05:58] <jmarsden> Because you installed them as part of your work on this research project? :)
[05:59] <TimReichhart> i dont think I installed them but how can I make sure I got them installed
[06:00] <jmarsden> Same way you tell if you have any other package installed... dpkg -l PACKAGENAME -- in this case the PACKAGENAME is probably linux-generic
[06:01] <psi-jack> Hmmmm
[06:02] <TimReichhart> see I tried the linux-generic it was telling me to re-install the server part of it when I did the updates
[06:02] <jmarsden> Be specific... you used what command and got what exact error message back from it?
[06:03] <TimReichhart> when I did the sudo apt-get update
[06:03] <TimReichhart> I dont have the linux-generic anymore I got the server part of re-installed
[06:03] <psi-jack> Bleh. Still no 1gbit.
[06:04] <jmarsden> TimReichhart: So try installing linux-generic now and then try compiling your kernel module again.
[06:09] <artillerytx> If i wanted to add a subdomain pointing at a url in bind wouldn't that be a server alias
[06:09] <artillerytx> or i mean an alias record
[06:15] <psi-jack> Okay, so it's an on-board 3c940 10/100/1000 NIC that's not going 1000 mbit mode.. On another system, I have it with a nForce 2 10/100/1000 and Linksys 10/100/1000, the Linksys will go 1000 no problem, but neither on-board 1000-capable NIC is going 1000.
[06:30] <jmarsden> artillerytx: DNS records can only point to an IP address, not to a URL.
[06:30] <artillerytx> so i would create a new virtual host
[06:30] <artillerytx> with that subdomain
[06:31] <jmarsden> Sure, you could do that.
[06:31] <artillerytx> and then point the dns record to the same ip
[06:31] <jmarsden> Yes.
[06:31] <artillerytx> does this work for you http://invoice.longhornpcrepair.com
[06:31] <nick125> Doesn't look like it
[06:31] <jmarsden> Nope, that is not in the DNS here.
[06:31] <artillerytx> alright oh well no big deal
[06:31] <artillerytx> i will figure it out later
[06:37] <qman__> psi-jack, it is possible that your cable is too short
[06:37] <qman__> the specification requires 3' minimum length
[06:39] <qman__> shorter ones usually work but not always
[06:42] <psi-jack> qman__: Oh no, it's not too short.
[06:44] <psi-jack> The Linksys 10/100/1000 connected to my switch at 1000, but neither the nForce2 or 3c940 on-board NIC's of two computers will do it at 1000.
[06:44] <qman__> nforce 2?
[06:44] <psi-jack> The Linksys one is PCI card.
[06:44] <psi-jack> qman__: Yeah.
[06:44] <qman__> those aren't gigabit
[06:44] <qman__> so there's your problem
[06:44] <psi-jack> Yes, actually, it is.
[06:45] <qman__> nforce 4 is gigabit
[06:45] <psi-jack> Hey, the mobo manual says the NIC is 10/100/1000, so I'm trusting the manufacturer here. ;)
[06:45] <qman__> must be a pretty unusual setup then
[06:46] <qman__> nforce 2 is pretty old, before gigabit was common or cheap enough for most people
[06:46] <psi-jack> The new NVIDIA nForce2 Gigabit MCP delivers industry-leading Gigabit Ethernet performance/
[06:47] <psi-jack> Not uncommon at all, nVidia even says it.
[06:48] <psi-jack> And the nforce2 was well after gigabit was out.
[06:48] <psi-jack> But the 3c940 is also having the same problem, it won't go 1000mbit.
[06:49] <qman__> if the cable is tested good, then that's pretty strange
[06:49] <psi-jack> So far, the only one I've managed to actually go 1000mbit, is the bloody Linksys off-board one.
[06:49] <jmarsden> psi-jack: Trying a longer and different cable would be worth it at this point, IMO.
[06:49] <psi-jack> Yep. Same cable that went to the nforce2 that wouldn't go 1000, is hooked into the linksys, and connecting at 1000
[06:50] <psi-jack> jmarsden: I tried that too.
[06:50] <jmarsden> Maybe the Linksys is more tolerant of the too-short out of spec cable than the others?
[06:50] <jmarsden> OK.
[06:50] <qman__> that type of thing is generally handled by the NIC itself, with hooks for the drivers to interfere if needed
[06:50] <psi-jack> I switched out cables for brand new freshly made cables. heh
[06:51] <jmarsden> Which were over 3 feet, right?
[06:51] <psi-jack> Correct.
[06:51] <qman__> if the switch is behaving correctly, and the cables are working, the next logical step is hardware failure, but two NICs at the same time is unlikely
[06:51] <jmarsden> Seems odd indeed.  Can you test with a different switch at some point?
[06:52] <psi-jack> Yeah. Both the on-board NIC's won't do 1000, but are capable of it.
[06:52] <qman__> what happens if you connect the NICs to each other?
[06:52] <psi-jack> jmarsden: Only have the one gigabit switch.
[06:52] <jmarsden> Borrow one from a friend, move PC to friends house, etc etc... ?
[06:52] <psi-jack> jmarsden: Heh, I literally just bought the switch from a friend. :p
[06:53] <qman__> gigabit is automagic, so you can connect anything to anything
[06:54] <qman__> while connecting two NICs in one machine to each other isn't very practical, it should at least get you a gigabit link light
[06:54] <psi-jack> qman__: That's a negative.
[06:54] <psi-jack> Gigabit did not go.
[06:54] <qman__> do they link at 100, or not at all
[06:55] <psi-jack> 100, yes. 1000, no.
[06:55] <psi-jack> And both nic's I see are using the sk98lin driver for them.
[06:56] <qman__> so far that's the only thing in common
[06:57] <qman__> one way to verify would be, if they have lights for gigabit, to reboot the machine and see if they go gigabit before the OS loads
[06:57] <qman__> though that'd be very inconvenient and somewhat inconclusive
[06:58] <jmarsden> Boot from a *BSD LiveCD and see if its drivers do any better??
[06:58] <psi-jack> qman__: I believe when I first booted back up my system it was 1000, initially.
[06:58] <psi-jack> jmarsden: That's also a thought. I'll prolly try that. ;)
[06:59] <psi-jack> Once my backups finish.
[06:59] <qman__> that wou;d confirm it as being the driver
[06:59] <qman__> funny how that works
[06:59] <qman__> the driver removes functionality
[07:00] <psi-jack> Heh.
[07:00] <psi-jack> Well, both these systems are the last two still actually running opensuse, but that's very soon to be changing to ubuntu-server and ubuntu-desktop within the next few hours, hence the backup. ;)
[07:02] <psi-jack> Hmm, now, the 3c940 apparently can use the skge driver as well? the sk98lin was actually in the modules.d blacklist. heh
[07:19] <drurew> !img3
[07:20] <jmarsden> drurew: See http://theiphonewiki.com/wiki/index.php?title=IMG3_File_Format
[07:21] <drurew> heh, im looking at already...
[07:21] <drurew> tx tho
[07:22] <jmarsden> No problem :)
[07:30] <drurew> does anyone know of any "succesful" attempts at iphonelinux ?
[07:30]  * drurew waits for a bunch of trouts to fly his way 
[07:32] <drurew> let me rephrase...*successfully documented (including all sources) attempts
[07:34] <jmarsden> Unless Ubuntu server was ported to it, that's off topic here... maybe ask at irc://irc.osx86.hu/iphonelinux instead?
[07:38] <drurew> yeah your probly right...just the only way to install it is with ubuntu 8.10....so
[07:38] <drurew> k
[07:38] <drurew> laterz
[08:57] <jtxx0001> is it sensible to configure dovecot/postfix to use passwords which are different from the system passwords, particularly for users with root access?
[09:04] <andol> jtxx0001: Could be, yes. Especially if there is also a webmail, which those users use from wherever.
[09:07] <jtxx0001> andol: would the best way to go about this be to use dovecot's authentication with a passwd file?
[09:09] <andol> jtxx0001: No idea what the best way is for your needs. The easiest is probably to simply to configure dovecot to use another auth source, and have postfix auth by using dovecot.
[09:10] <andol> jtxx0001: Then of course, there is always PAM.
[09:11] <andol> jtxx0001: By the way, this is really not my expertiece. I know enough to figure out what I need to do myself, but not really to give other people (good) advice.
[09:12] <jtxx0001> andol: i'll look into PAM, but i think i've managed to get it working now.  thanks for the help!
[09:28] <acalvo> Hi
[09:28] <acalvo> I'm trying to configure a DNS and DHCP server
[09:28] <acalvo> DHCP is working
[09:28] <acalvo> DNS seems to be working
[09:28] <acalvo> but I cannot access anything from outside this lan
[09:29] <acalvo> I can't even ping my gateway, but I can ping and resolve any other machines in the lan
[12:27] <Rich-Newbie> Hi all, got a question about post fix. I have a simple email server setup, and can send and recive. I have setup masquerading_domain, with this I am able to send to outside email addresses, relaying through my isp. When the email arrives it showes name@server.mydomain.com, would I need to setup aliases to show it as name@mydomain.com.
[12:56] <jdive> hello folks, i have an issue with a soft raid 5 array, ext4 .. userspace application get's cut from data read on the storage, this last for less than a sec, then goes again
[12:56] <jdive> if someone could help on how to dig this out,i would appreciate it
[13:25] <uvirtbot`> New bug: #412501 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Medium,New] https://launchpad.net/bugs/412501
[14:02] <uvirtbot`> New bug: #403599 in php5 (main) "Installing PHP5 performs a reload to apache instead of a restart" [Low,Confirmed] https://launchpad.net/bugs/403599
[14:22] <Maleko> hmm this chan is as good as dead
[14:22] <ewook> no, idle is not dead.
[14:22] <giovani> Maleko: it's a Saturday morning in the US ... clearly most people won't be around
[14:23] <Maleko> oh..
[14:23] <ewook> and brunch/ early dinner in Sweden
[14:24] <Maleko> weve just had dinner here and are now slowly approaching saturday's midnight in next couple of hours
[14:25] <Maleko> btw any idea how i could start X through ssh?
[14:25] <giovani> Maleko: x
[14:25] <giovani> xorg isn't supported in #ubuntu-server
[14:25] <ewook> X11-forwarding is a good suggestion.
[14:26] <ewook> giovani: nah, but perhaps settings in sshd.conf server-side is? :)
[14:26] <Maleko> i have some apps on my ubuntu server that need to run under wine but its being picky and refuse to launch without window manager. so i then installed both wine and window manager on the os
[14:27] <Maleko> now i need to start the X.. tried startx but that doesnt work
[14:27] <giovani> ewook: not when they relate to running xorg on the server
[14:28] <ewook> giovani: I get your point.
[14:28] <giovani> Maleko: what applications are you referring to?
[14:29] <Maleko> gameserver daemon apps that run in windows cmd prompt mode
[14:30] <giovani> Maleko: sound like applications suited for windows then
[14:35] <Maleko> maybe but they should be able to run fine under wine with X support on the os
[14:36] <giovani> Maleko: except that wine and x aren't appropriate on a server setup unless you really know what you're doing
[14:50] <Boohbah> Maleko: maybe you need to get a windows server
[14:59] <RoyK> Boohbah: shame on you and your foul language
[15:50] <uvirtbot`> New bug: #414017 in samba (main) "Reloading /etc/samba/smb.conf smbd only" [Undecided,New] https://launchpad.net/bugs/414017
[17:01] <uvirtbot`> New bug: #414109 in samba (main) "package samba 2:3.3.2-1ubuntu3.1 failed to install/upgrade: il sottoprocesso post-installation script ha restituito un codice di errore 127" [Undecided,New] https://launchpad.net/bugs/414109
[17:09] <BlueFaceMonster> Hi - I have a question. Trying to set up my first email sever (emix/dovecot). I can connect to the IMAP no worries, and test emails genereted at the server get delievered to my client fine, but I'm not reciving email from external addresses. Any ideas?
[17:14] <BlueFaceMonster> (and obviously by emix I mean exim 8o\ )
[17:25] <BlueFaceMonster> OK, update, so I can "telnet localhost 25" but can't telnet remotely - connection refused. How do I change this?
[17:33] <Grim76__> BlueFaceMonster: Sounds like a Firewall/Port Forwarding issue.  Also could be an ISP block on port 25 if you are doing this on residential Internet access.
[17:34] <BlueFaceMonster> Hi, Grim76__. Not residential, but firewall/forwarding sounds about right. Is there a default firewall for ubuntu-server? I thought it might be AppArmor but that's not installed.
[17:36] <Grim76__> BlueFaceMonster: I don't recall there being one by default on the last installation that I did.  There might be a firewall at the perimeter of your network that needs to be configured to point traffic to the server.
[17:36] <BlueFaceMonster> Noted, will look into it. Thank you!#
[17:37] <Grim76__> BlueFaceMonster: Really quick.  Can you telnet to port 25 from another machine on the same network?
[17:37] <BlueFaceMonster> Not sure how to check that, it a hostes VPS
[17:39] <Grim76__> BlueFaceMonster: OK.  I know some VPS providers have a firewall that you can self configure.  Also you might try an sudo iptables -L to see if there are any rules in place based on their build.
[17:42] <BlueFaceMonster> To be honest, Grim76__, I've got no idea what I'm looking at. Could you check it for me if you have a chance? http://www.pastie.org/585055
[17:44] <jmarsden> BlueFaceMonster: Before digging into iptables rules, are you sure exim is listening on the external IP address as well as on localhost?  Try   netstat -ntl | grep :25    to find out
[17:44] <BlueFaceMonster> tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
[17:45] <BlueFaceMonster> It's not!
[17:45] <jmarsden> So configure it to do so and life will be better :)
[17:45] <BlueFaceMonster> you make it sound so easy! :)
[17:45] <BlueFaceMonster> You know what's coming next, don't you...
[17:45] <Grim76__> Thanks jmarsden...Forgot to check for that.
[17:46] <BlueFaceMonster> ...how do I do that then?
[17:46] <jmarsden> You;ve never configured exim in your life and have no idea how... right?
[17:46] <BlueFaceMonster> Genius
[17:46] <jmarsden> Wait a sec... I use postfix more than exim these days... let me check...
[17:46] <BlueFaceMonster> Thank you!
[17:47]  * BlueFaceMonster is slowly getting used to being a newb
[17:47] <Grim76__> BlueFaceMonster: We all have to learn sometime.
[17:49] <BlueFaceMonster> I only recently discovered ubuntu IRC, and so far I've configured a webserver, made a Python/Pylons webpage from scratch and now this... all in a week. It's great! Hopefully get to "pay it forward" someday and help other
[17:51] <jmarsden> BlueFaceMonster: Let's try    sudo dpkg-reconfigure exim4-config
[17:51] <Grim76__> BlueFaceMonster: Look at your configuration and look for dc_local_interfaces according to what I am reading that is where you specify what interfaces to listen.
[17:52] <jmarsden> Grim76__: Probably better to use the "friendly" config tools rather than manual file editing, don't you think?
[17:53] <sub> It depends who you ask :-)
[17:53] <sub> hehe
[17:53] <Grim76__> Good point.
[17:54] <BlueFaceMonster> nah, I'm an expert at "sudo nano /etc/foo.conf" now
[17:54] <Grim76__> BlueFaceMonster: Follow jmarsden and ignore me on that one.  I am used to editing the config files directly.
[17:54] <jmarsden> sub: It depends who you are and your level of experience, IMO.  I'd hack it, but I've been doing Unix system and network admin for 15+ years...
[17:54] <BlueFaceMonster> I'm happy with that, just can find exim.conf! Friendly tools it is...
[17:55] <BlueFaceMonster> * can't
[17:55] <jmarsden> Hmmm.  When you installed exim what did you do regarding configuring it?  Didn't you get the debconf dialogs about it then?
[17:56] <sub> jmarsden: Yes, very true, I agree. I've been doing *nix admin for about 5 total (though I have been using Linux for 10!)
[17:57] <sub> BlueFaceMonster: The friendly config tool is can be launched via: sudo dpkg-reconfigure exim4-config
[17:57] <sub> s/is//
[17:57] <BlueFaceMonster> I did, jmarsden, but I just forgot to add the external IP address. I have now, it was very easy and I am composing a suitable test email to myself... fingers crossed...
[17:57] <sub> Ah sorry, misunderstood :)
[17:58] <jmarsden> Good.  Looks like all is well, I'll go eat my breakfast... have fun with exim :)
[17:58] <ivantis> Does anyone here run ubuntu server with mysql installed?
[17:59] <BlueFaceMonster> Tadaa! Worked like a charm! My thanKs to you all!
[18:00] <jdstrand> BlueFaceMonster: re firewall in Ubuntu> the default firewall tool is 'ufw'. It is not enabled be default. see 'man ufw' and https://wiki.ubuntu.com/UbuntuFirewall for details
[18:01] <BlueFaceMonster> will do, thanks.
[18:01] <jmarsden> ivantis: Ask you real question and find out who can help answer it...
[18:02] <Grim76__> BlueFaceMonster: Out of curiosity where did you get your VPS?
[18:02] <BlueFaceMonster> tagadab.com - can't fault them, service so far has been impeccible and cheap and chips, too
[18:02] <Grim76__> BlueFaceMonster: Ok thanks for the information.
[19:35] <vecy> hey guys i have purchased a Dedicated Server - first time with multiple IP's i have a IP range - 72.232.190.90 to 72.232.190.94 - but when i try to ssh into it using lets say 72.232.190.91 - i never am connecting, do i need to activate these IPs somewhere before i can use them ? if so how ?
[19:36] <vecy> i am connecting fine using *.*.*.90
[19:36] <vecy> but not connecting at all using  *.*.*.91-94
[19:37] <jmarsden> vecy: Do you have interfaces (or interface aliases) that actually are set to those IP addresses?  If not, your sever will not respond to traffic send to those IPs.
[19:38] <vecy> i honestly dont know, i am logged in as root and i have not set anything besides installed LAMP (apache ..)
[19:38] <jmarsden> Do you *need* to use the other IPs for something in particular?  If so, what?
[19:38] <vecy> when i type 'ifconfig' i see only the *.90 set
[19:38] <jmarsden> Then you are only listening on .90
[19:39] <vecy> well i want to setup my Apache for 5 websites if ip: 72.232.190.91 go to /home/user1/www   if 72.232.190.92 go to /home/user2/www ... and perhaps some other stuff just incase
[19:39] <vecy> do you know the commands how to set those ips up ?
[19:40] <Daviey> vecy: Do you know how to do virtualhosts?  It's similar
[19:41] <vecy> ohh true vhosts i totally forgot about them, yes i can use those and bind to domain name even better... :)
[19:41] <Daviey> thar you go :)
[19:42] <jmarsden> vecy: if you decide you do need the other IPs, man interfaces   and also    less /usr/share/doc/ifupdown/examples/network-interfaces.gz    will probably get you on your way to configuring interface aliases for the other addresses.
[19:45] <vecy> thx :) reading on it now.. seems simple lets try rebooting now for changes to take affect.. a reboot is required right ?
[19:46] <jmarsden> No, just restart networking or probably just ifup the newly defined interface aliases
[19:46] <jmarsden> But I'd only add them if you need to use them; otherwise, keep it simple.
[19:49] <vecy> ah i rebooted before ive seen your msg and its been 5minutes
[19:49] <vecy> server still not up hmm could it get stuck anywhere ?
[19:49] <jmarsden> That's a long reboot... well, it could if you broke things and misconfigured the network interfaces...
[19:50] <jmarsden> Maybe you need to see whether your provider offers you remote console access of some kind?
[19:51] <vecy> well the /etc/.../interfaces  file had  if i recall   eth0 auto... then eth0 ... static  my ip .. subnet.. gateway
[19:51] <vecy> and i just copy pasted that  from  eth0 static .. 3 times changed ip only
[19:51] <jmarsden> That's unlikely to work, you need separate interface aliases for each IP, I *think*... like eth0:0, eth0:1 ... which were in the examples.
[19:52] <vecy> iface eth0 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254
[19:52] <jmarsden> Get yourself remote console access and see what is going on.
[19:52] <vecy> it had this line
[19:52] <vecy> i just copy pasted and changed ip
[19:52] <vecy> thats just an example ok
[19:52] <vecy> ill give them a call to see if they can give me remote console access
[19:52] <sub> try the last IP you configured
[19:53] <sub> because jmarsden is correct about the interface aliases
[19:54] <sub> also the gateway only needs to be configured once
[19:58] <vecy> im such a noob lol first try locked myself out ... waiting for support to reply
[20:00] <sub> You've gotta learn somehow :P
[20:01] <vecy> is anyone here with LayeredTech by the way - just wondering where does one find the 'Automatic OS reloads' button which they advertise but not found within the Customer Portal
[20:22] <vecy> so you guys are saying i should be doing
[20:22] <vecy> iface eth0 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254
[20:22] <vecy> for ip #1
[20:22] <vecy> iface eth1 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254
[20:22] <vecy> for ip #2
[20:22] <vecy> ?
[20:22] <vecy> and etc eth2, eth3..
[20:24] <jmarsden> No... use eth0, eth0:0 and eth0:1 since you only have one physical network interface, eth0.  eth0:X are the aliases
[20:24] <jmarsden> I'm out of here... on my way to attend a wedding...
[20:25] <vecy> cool thx
[20:44] <vecy> should
[20:44] <vecy> auto eth0 eth0:1 eth0:2 eth0:3
[20:44] <vecy> cause any problems ?
[20:45] <vecy> i added it and not again! it looks like i broke my server again, cant connect to it anymore
[21:01] <giovani> vecy: you should never be editing core networking config files without an alternate means of accessing the server
[21:02] <giovani> you WILL break something if you're not very careful and experienced with how the files work
[21:02] <giovani> however, to answer your question, yes you can auto multiple interfaces on one line, that's fine
[21:02] <giovani> you probably had a typo elsewhere in the config
[21:03] <HellMind> When should I chroot?
[21:03] <giovani> when you have a need for it ...
[21:03] <giovani> when the process is self-contained within a specific directory structure, or can be easily adapted to
[21:04] <HellMind> for security is useful?
[21:04] <giovani> it can be
[21:04] <HellMind> I want to run a ventrilo server
[21:04] <HellMind> I dont know if doing that is necesary
[21:04] <giovani> necessary? definitely not
[21:05] <HellMind> but its a lot secure or its the same :(
[21:06] <HellMind> doing that what Im preventing?
[21:06] <giovani> there's no way for me to give you a simple answer
[21:06] <giovani> the security advantages are, if the ventrilo software is compromised, they only have access to files that were placed in the chroot
[21:07] <giovani> and they won't be able to access other files on your server, unless there's a bug or vulnerability in the kernel
[21:07] <HellMind> but if the attacker gain root?
[21:07] <HellMind> oh
[21:07] <giovani> well it's unlikely that they'd gain root through a chrooted server
[21:07] <infinity> They shouldn't, if Ventrilo isn't running as root, and if there are no root escalation vulnerabilities in your kernel.
[21:07] <giovani> however, if someone gains root on a server ... it's game over
[21:07] <HellMind> and there are many levels of chroot, because I saw you can chroot ftp
[21:08] <giovani> there are not many "levels" of chroot
[21:08] <giovani> chroot is a concept, it's either in use or not
[21:08] <giovani> chrooting users to their home directory is a common step where users on a system aren't trusted
[21:08] <giovani> (the ftp server is an example of where that might be used)
[21:09] <HellMind> for every user I must creat an enviroment?
[21:09] <giovani> if you wanted to chroot your users, yes
[21:09] <giovani> but that's separate from chrooting a particular server binary
[21:10] <HellMind> and what is the bad about it?,
[21:11] <HellMind> wasting hd space
[21:11] <giovani> chrooting is a pain to set up, it sometimes required a lot of work, and if you don't do it properly, you'll spend hours troubleshooting missing binaries, etc
[21:11] <giovani> s/required/requires/
[21:11] <HellMind> I tried and I failed
[21:11] <giovani> my point exactly
[21:12] <HellMind> I wonder which files are required to create the environment
[21:12] <giovani> ldd, and google usually help with that
[21:12] <HellMind> I can remove all thats unnecesary
[21:15] <HellMind> I got a guide
[21:15] <HellMind> but not for ubuntu
[21:15] <giovani> very little (if any) of this is ubuntu-specific
[21:15] <giovani> so that's not a problem
[21:16] <vecy> hey guys i am changing the motd.. are there any variable aliases i can use like  Hello %username% welcome! << example ?
[21:16] <vecy> i havent touched linux much so unsure
[21:16] <giovani> vecy: /etc/motd is a static file
[21:17] <giovani> /etc/issue on the other hand allows text substitution along the lines of what you'd like
[21:18] <giovani> to my knowedge, you can't print the username though -- you could write a wrapper script to handle this
[21:21] <vecy> ok one more thing lets say i have a program i want to start it everytime i reboot automatically
[21:21] <vecy> how do i do such thing ?
[21:21] <vecy> its web server.. but i need to run it manually all the time (xampp)
[21:22] <giovani> what is xampp?
[21:22] <vecy> its a combination of  apache,mysql,ftp... all in one
[21:22] <giovani> most server applications installed in ubuntu-server are automatically placed in /etc/rcX.d/ so that they start on bootup
[21:22] <vecy> but i need to type  ./lampp everytime to run it
[21:22] <giovani> that doesn't sound like something built properly for ubuntu
[21:23] <giovani> I'd recommend installing packages from ubuntu which will work well together, and properly integrate into the system
[21:23] <HellMind> root@arctica:/opt/chrooted/ventrilo# su ventrilo
[21:23] <HellMind> root@arctica:/opt/chrooted/ventrilo#
[21:23] <HellMind> why I cant su :(
[21:23] <giovani> HellMind: "su - ventrilo"
[21:24] <HellMind> its the same
[21:24] <HellMind> it returns #
[21:24] <giovani> then you didn't set up the user properly
[21:24] <HellMind> it says I must set it /bin/false
[21:24] <HellMind> the shell
[21:24] <giovani> if you set the shell to /bin/false ... then you can't log in as the user like you're trying to
[21:25] <giovani> you can do one or the other, but not both
[21:25] <HellMind> but I can run the server right
[21:25] <giovani> yes ...
[21:25] <giovani> but su is going to start the shell
[21:25] <giovani> which you've disabled
[21:25] <giovani> so clearly it won't work
[21:26] <infinity> su -s /bin/sh - ventrilo
[21:26] <infinity> That will log in as the ventrilo user.  Not sure why you'd want to, but there you go.
[21:26] <giovani> uh
[21:26] <giovani> let's not provide workarounds like that
[21:26] <giovani> that serves no purpose
[21:26] <infinity> It's not a "workaround".
[21:27] <infinity> If you need to test something as a user with a false shell, that's how you do it.
[21:27] <giovani> it absolutely is -- either the user has a shell or not
[21:27] <HellMind> giovani he is a pro
[21:27] <HellMind> infinity you rock
[21:28] <HellMind> i dont understand, if I can do that
[21:28] <giovani> you shouldn't be doing that
[21:28] <HellMind> and I see am not chrooted,
[21:28] <giovani> that's the point
[21:28] <HellMind> how can I see the chrooted environment
[21:28] <HellMind> How can I see it working
[21:28] <vecy> i asked this question on another linux channel without response.. lets try here
[21:28] <vecy> hi guys is there a way to make aliases to commands .. lets say i have  /opt/lampp/lampp (a webserver) can i make a global alias so i could just type  startwebserver and it would automatically go to /opt/lampp/lampp
[21:29] <giovani> vecy: yep, you're probably looking to set bash aliases
[21:29] <giovani> this can be done in the .bashrc file in each user's home directory
[21:30] <vecy> nice
[21:30] <HellMind> How do I know my user is being chrooted
[21:31] <infinity> Users aren't chrooted, processes are.
[21:31] <HellMind> thats why I asked the lvl of chroot,
[21:32] <HellMind> if I execute the sever using your tip, the process will be chrooted?
[21:32] <infinity> Is /opt/chrooted/ventrilo a chroot containing what will be run?
[21:32] <HellMind> yes
[21:32] <infinity> If so, "chroot /opt/chrooted/ventrilo" would get you "in that environment".
[21:33] <HellMind> but how should I start the process to chroot it then ?
[21:33] <infinity> But, you probably want a nice init script or something that will start your vent server in the chroot.
[21:33] <HellMind> "chroot /opt/chrooted/ventrilo" will spawn the shell chrooted
[21:33] <HellMind> i got a .c script but it doesnt do chroot
[21:33] <giovani> vecy: if you want to make aliases for every user on the system, best to place them in /etc/profile
[21:34] <HellMind> it only does setgid( and setgroups(
[21:37] <HellMind> So I should chroot lets say in the /etc/init.d script?
[21:38] <infinity> Assuming the application doesn't chroot itself (and I'm pretty sure vent doesn't/can't), then doing it in the init script is the cleanest place, yeah.
[21:39] <infinity> With a nice init script, you can also do some clever things like make sure the chroot is always fresh (copy over libc6, etc) before you start your application.
[21:39] <infinity> I tend to do sketchy things like mount a tmpfs, copy the libraries that my application depends on, copy in the application itself, then start it.  Then you get a nice, fresh chroot every time you restart.
[21:40] <infinity> (Which means that package updates will stay in sync with the chroot)
[21:40] <HellMind> if you do a sym link for that
[21:40] <HellMind> you are unchrooting?
[21:41] <infinity> You can't symlink out of a chroot..
[21:41] <HellMind> thats right :D
[21:42] <HellMind> so all the symlink on the chroot will be unavailable
[21:42] <HellMind> if you chroot?
[21:42] <HellMind> it will show broken link
[21:42] <HellMind> or something?
[21:42] <infinity> Well, if they're absolute symlinks using full filesystem paths, yeah.
[21:42] <infinity> Any symlinks that are internally consistent IN the chroot would be fine.
[21:43] <HellMind> nice
[21:43] <infinity> A symlink is literally just a text string.  There's nothing fancy about it.
[21:43] <infinity> So, if "foo" points to "/unf/whatever", if the latter exists in the chroot, the symlink works.
[21:43] <infinity> If not, it doesn't.
[21:44] <infinity> The file doesn't need to exist when you create the symlink, just when you want to resolve it. :P
[21:46] <HellMind> what happen if you do a cycling linking
[21:46] <HellMind> like a => b => c => a
[21:46] <infinity> Don't? :)
[21:46] <HellMind> dont know?
[21:46] <infinity> Depends on your application.
[21:47] <infinity> It won't hurt the system in any way.  They're just files on the disk.
[21:47] <infinity> But an application reading "a" could get itself caught in an infinite loop if it's written by people unprepared for such siliness.
[21:49] <HellMind> but isnt about the app, is about the filesystem, the app doesnt resolve a symlink -_-
[21:50] <infinity> The filesystem just hands back a pointer to the real inode.
[21:50] <infinity> Which libc then hands off to the application as the new file handle.
[21:51] <infinity> If the application then opens that, finds another symlink, and loops... And doesn't notice it's in a loop.
[21:51] <infinity> *shrug*
[21:51] <infinity> It's somewhat academic.  The answer is "don't do that, then".
[22:19] <sub> ln -s a b; ln -s b a; cat a gives me "cat: a: Too many levels of symbolic links
[22:19] <sub> :-)
[23:15] <r3rman_> Hey gais - http://my.brandeis.edu/bboard/q-and-a-fetch-msg?msg_id=0000Dn << how does that translate into ubuntu land?
[23:16] <r3rman_> I want ot tweak my /proc/sys/fs/file-max, inode-max (didn't find this one!) and perhaps something on ulimit
[23:16] <r3rman_> I am getting Too many files open exception
[23:17] <giovani> r3rman_: it has nothing to do with ubuntu
[23:17] <giovani> r3rman_: those are linux kernel settings ... feel free to modify them in ubuntu, it's no different than elsewhere
[23:17] <r3rman_> giovani, I don't see the inode-max on my install tho'
[23:18] <giovani> however, those posts are from years ago
[23:18] <r3rman_> yeah :s
[23:19] <giovani> r3rman_: those are from 2.2
[23:19] <giovani> long ago, things have changed heavily in 2.6
[23:19] <giovani> adjust file-max instead
[23:20] <r3rman_> aaah, pkill -9 actually works, whereas killall -p 9 fails and stops when it matches one process you don't own
[23:20] <r3rman_> giovani, where is file-max?
[23:20] <giovani> ... same place as you thought inode-max was
[23:20] <r3rman_> w00t
[23:20] <giovani> googling clearly identifies all of this
[23:20] <giovani> you should know that these settings don't stay after a reboot
[23:21] <r3rman_> yeah, so I'll emacs that file, set it high, like 65535, and I can put a init.d to reconf it though right? or just even ~.bashrc ? (or ~/.profile?) - does it take effect immediately though?
[23:21] <giovani> you can either place the settings in /etc/sysctl.conf, or in /etc/sysctl.d/ -- read the README in that dir
[23:22] <r3rman_> thanks
[23:22] <giovani> r3rman_: no no no
[23:22] <giovani> r3rman_: sysctls don't belong in any of the places you mentioned
[23:22] <infinity> Err.
[23:22] <infinity> r3rman_: If you're getting "too many open files", it's probably not a kernel setting you're after, but a session limit.
[23:22] <infinity> r3rman_: See /etc/security/limits.conf
[23:23] <r3rman_> aah, right, I bumped into that one before I fell asleep earlier, cheers infinity
[23:23] <infinity> (See ulimit(1))
[23:23] <infinity> Default for open files is 1024.
[23:24] <r3rman_> infinity, you think 65535 is the max?
[23:24] <accol> hey guys random question, if i get the 'host key verification failed' error when trying to connect to a server, what am i doing wrong (this is before i even get a chance to enter a password/username)
[23:24] <infinity> r3rman_: I think that if you have a process using 65535 open handles, you have a very broken application.
[23:24] <r3rman_> infinity, or a very awesome one
[23:25] <infinity> r3rman_: Raising ulimits is usuall a troubleshooting step, not a fix. :P
[23:25] <r3rman_> it isn't broke, it is just slamming two 8 cores like bitches, and ripping up lots of files, across two machines with 200Tb of storage. and doing crazy stuff. I've finally written something to organise my porn
[23:26] <infinity> Not seeing how 8 threads translates to 65 thousand open handles at once, but sure.
[23:27] <infinity> You'll be heavily I/O limited if you don't serialise that a bit.
[23:27] <r3rman_> infinity, yeah, you are right, I was thinking to dump it all into a berkley db, maybe I will
[23:28] <r3rman_> but, I have zillions of threads raeping the nets and when they complete they touch a file and impregnate it with awesome
[23:29] <r3rman_> that front end is well tuned, and gets the highest throughput right nao, but as I cranked it up past 11 it didn't like it
[23:29] <r3rman_> * soft nofile 65535  < infinity do I need to restart session now?
[23:30] <infinity> r3rman_: Logging out and logging in should be enough to make it happy.
[23:30] <infinity> (Or whatever starts a new session for your process... su, sudo, etc)
[23:30] <infinity> r3rman_: You can verify you got it right with "ulimit -a" and check the values.
[23:31] <r3rman_> open files is still 1024
[23:31] <r3rman_> aah need to log in / out
[23:31] <r3rman_> I could also run run a ulimit command to set it in memory now?
[23:31] <infinity> r3rman_: Yeah.  Limits are set by PAM, so you need a fresh session.
[23:31] <r3rman_> oh ok... I am accessing via vnc... perhaps I can logoff and on graphically... who knows, never tried
[23:32] <infinity> r3rman_: ulimit will only let you change user limits up to the hard limit, since root controls those.
[23:32] <infinity> r3rman_: But that would be lost on the next session start, hence why setting the default(s) for the user(s) makes a bit more sense.
[23:33] <r3rman_> ok. I've fusked my vnc now, I loaded gnome-session to see if I could logout that way, but that brough about the asdf abfh bug
[23:33] <r3rman_> lol
[23:37] <r3rman_> ulimit -n still gives 1024.... reshoe tiem
[23:48] <uvirtbot`> New bug: #414232 in munin (universe) "munin-node tries to "autoconf" /usr/share/munin/plugins/postgres_space_" [Undecided,New] https://launchpad.net/bugs/414232
[23:49] <andol> By the way, if someone feels like confirming that one
[23:49] <andol> ...feel free to do so :)
[23:52] <psi-jack> Okay.. Since my on-board NIC's capable of doing Gigabit isn't working as I'd hoped they would...
[23:52] <psi-jack> I'm looking for options of PCI-based NIC's that can do it and are well supported by Linux.
[23:52] <psi-jack> Intel and or Netgear brands would be preferred.
[23:58] <psi-jack> Anyone with suggestions of hardware and model numbers?
[23:58] <giovani> any of the intel pro stuff is good
[23:58] <giovani> not cheap though
[23:59] <psi-jack> I don't mind spending about $100/card
[23:59] <psi-jack> As long as they're worth it.